CVE ID | |
CVSS SCORE | 10.0, AV:N/AC:L/Au:N/C:C/I:C/A:C |
AFFECTED VENDORS |
Hewlett-Packard |
AFFECTED PRODUCTS |
iNode Management Center |
VULNERABILITY DETAILS |
The flaw exists within the iNOdeMngChecker.exe component which listens by default on TCP port 9090. When handling the 0x0A0BF007 packet type the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user. |
ADDITIONAL DETAILS |
|
DISCLOSURE TIMELINE |
|
CREDIT | Anonymous Luigi Auriemma |